I have the same "problem" and don't see an issue with opieinfo being setuid
root if opiepasswd is:
The information retrieved by opieinfo is not sensitive at all, sequence number
and seed are publicly shown to anyone who wants to login as the specified user.
The only sensitive data in the OPIE system is the user's passphrase and the
keyfile /etc/opiekeys, which should never be world-readable.
** Changed in: opie (Ubuntu)
Status: Invalid => Confirmed
--
opieinfo isn't setuid, whilst opiepasswd is
https://bugs.launchpad.net/bugs/61335
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
